He added that the issue had since been settled, as the portal had removed the article following orders from the Malaysian Communications and Multimedia Commission (MCMC).
“They have shown cooperation with us by removing the article when we asked them to.
“The ministry through the Department of Personal Data Protection (JPDP) manages personal data in commercial transactions, and every merchant has to abide by it when handling customers’ data.
“JPDP, MCMC and the police along with other agencies are investigating the matter,” he said in a reply at the Dewan Rakyat here.
The matter was raised by Teo Nie Ching (DAP-Kulai), who asked the minister why MCMC had told Lowyat.net to remove the article titled “Personal data of Malaysians up for sale, sources of breach still unknown”.
She asked if the allegations made in the article were true, and if so, why the ministry had “shot the messenger” instead of going after the people who were selling the data.
“The one that sold the data was not Lowyat.net but a third party,” she said.
Reiterating that the misunderstanding between MCMC and the portal had been resolved, Salleh warned against speculation on the matter.
“The matter has been resolved well despite there being publication of personal data in the article itself,” he said, adding that it should not have been published.
He also asked people to wait for investigations to be completed.
“The investigation into the said breach is ongoing, and the right action will be taken after a proper investigation.”
The article in question was restored on Oct 20 with the approval of MCMC.
If true, the data breach could be one of the biggest ever in Malaysian history.
According to the report, the personal data of millions of people belonging to Jobstreet.com, the Malaysian Medical Council, the Malaysian Medical Association, Academy of Medicine Malaysia, the Malaysian Housing Loan Applications, the Malaysian Dental Association and the National Specialist Register of Malaysia is up for sale for an undisclosed amount in bitcoin.